CLAIMS 



What is claimed is: 



A method for securely 

(a) receiving 

(b) providing 

(c) receiving 

(d) providing 



slid 



providing information comprising the steps of: 
ir formation identifying an encrypted personal security device; 

identified encrypted personal security device; 

authentication information: and 



decryption information for said personal security device 
responsive to said authentication information. 



The method of claim 1 wherein steps (a) and (b) comprise: 

(a) receiving information identifying an encrypted key; and 

(b) providing said identified encrypted key. 



The method of claim 1 wherein step (a) comprises receiving information 
identifying an encrypted personal security device, the personal security device 
comprising information necessary to make a secure network connection between a 
network client and k network server. 

The method of claim 1 wherein step (a) comprises receiving information 
identifying an encrypted personal security device, the personal security device 
comprising information necessary to make a secure virtual private network 
connection. 



The method of claim 1 further comprising the step of validating said 
authentication information. 



6. 



The method of claim 



wherein step (b) further comprises the steps of: 



2 
3 

1 7. 

2 

1 8. 

2 



13. 



14. 



(b-a) retrieving said personal security device; and 
(b-b) providing sai< personal security device. 



The method of claim! 6 
security device from 



wherein step (b-a) comprises retrieving said personal 
an authentication server. 



The method of clain 
security device on a Ismartcard 



1 9. The method of clain 



1 further comprising the step of storing said personal 



1 further comprising the step of storing said decryption 



information in a volatile memory element. 



1 10. The method of clain 

2 authentication inforr lation 



1 wherein step (c) comprises receiving time-dependent 



11. A method for access ng secure information comprising the steps of: 

(a) receiving an < sncrypted personal security device; 

(b) receiving dec yption information for said personal security device; and 
d personal security device. 



(c) decrypting sa 



12. The method of claim 

personal security device 



The method of claim 



1 further comprising the step of using said decrypted 
to access said secure information. 



encrypted personal se ;urity device comprising information necessary to make a 



secure network conne 



The method of claim 
encrypted personal security 
secure virtual private 



1 wherein receiving step (a) comprises receiving an 



;tion between a network client and a network server. 



1 wherein receiving step (a) comprises receiving an 

device comprising information necessary to make a 
network connection. 



V 
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# 



1 15. The method of cla 

2 (d) transmitting 

3 and 



19. 



20. 



(e) transmittal 



1 16. The method of cla 



authentication information. 



m 1 1 further comprising the steps of: 
information identifying an encrypted personal security device; 



g authentication information. 



m 15 wherein step (e) comprises transmitting time-dependent 



17. The method of claim 
security device on 



1 1 further comprising the step of storing said personal 
a smartcard. 



1 18. The method of claim 

2 information in a vc > 



A method for allowing a network client secure access to information, the method 
comprising the steps of: 
(a) requesting, 

network setfver. 



by said network client, a personal security device from a 

, wherein said personal security device comprises encrypted 
informatiorl necessary to make a secure network connection; 



(b) forwarding, 
network cli 



(c) providing, 

personal security 



The method of claitn 
personal security djevice 
virtual private network 



1 1 further comprising the step of storing said decryption 
latile memory element. 



by said network server, said personal security device to said 
:nt; and 



>y said network server, decryption information for said 
device. 



19 wherein step (b) comprises providing an encrypted 
comprising information necessary to make a secure 
connection. 



1 21. The method of clai m 1 9 further comprising the steps of: 
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(d) fo Warding, by said network server said request to an authentication 
server; 

(e) querying, by said authentication server a user database with said request; 

(f) returning, by said user database a personal security device to said 
authentication server; and 

(g) forwarding, by said authentication server said personal security device to 
said network server. 

The method pf claim 19 further comprising the steps of: 

(h) obtaining, by said client, authentication information from an 
authentication token; 

(i) providing, by said client, said authentication information to said 
authentication server; 

(j) confirming, by said authentication server, the validity of said 
authentication information; 

(k) retrieving, by said network server, decryption information for said 
persomal security device from a database; and 

(1) providing, by said network server, decryption information for said 
personal security device to said client. 



The method o 
authentication 



claim 22 wherein step (h) comprises obtaining time-dependent 
information. 



The method oi claim 19 further comprising the steps of: 
(m) decryp ing, by said client, said personal security device. 

A device for providing secure access to information comprising: 
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2 
3 

4 

5 

6 
7 



1 27. 

2 



28. 



(a) a first receiver receiving information identifying an encrypted personal 



security de 



ace; 



(b) 
(c) 
(d) 



a first transmitter providing said identified personal security device; 

a second receiver receiving authentication information; and 

a second transmitter providing decryption information for said personal 
security device responsive to said authentication information. 



1 26. The device of cla 

2 security device 



m 25 wherein said receiver receives said encrypted personal 
comprising an encrypted key. 



The device of cla|im 
security device 
connection betwfeen 



25 wherein said receiver receives said encrypted personal 
comprising information necessary to make a secure network 
a network client and a network server. 



The device of cl&im 
security device 
network connection 



25 wherein said receiver receives said encrypted personal 
domprising information necessary to make a secure virtual private 



1 29. The device of cl^im 25 further comprising an authenticator validating said 

2 authentication information. 

1 30. The device of cl^im 25 wherein said first receiver is the same as said second 

2 receiver. 

1 31. The device of cl^im 25 wherein said first transmitter is the same as said second 

2 transmitter. 

1 32. The device of cljiim 25 wherein said authentication information is time- 

2 dependent. 
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1 33. A device for accessing secure information comprising: 

2 (a) a first rec ;iver receiving an encrypted personal security device; 

3 (b) a second -eceiver receiving decryption information for said personal 

4 security device; and 

5 (c) a decrypi or decrypting said personal security device. 

1 34. The device of claim 33 wherein said receiver receives said encrypted personal 

2 security device comprising information necessary to make a secure network 

3 connection between a network client and a network server. 



1 35. The device of claim 33 wherein said receiver receives said encrypted personal 

2 security device comprising information necessary to make a secure virtual private 

3 network connection. 

1 36. The device df claim 33 further comprising: 

2 (d) a firit transmitter transmitting information identifying an encrypted 

3 personal security device; and 

4 (e) a second transmitter transmitting authentication information. 

1 37. The devicfe of claim 36 wherein said first transmitter is the same as said second 

2 transmitter. 



1 38. The device of claim 36 wherein said authentication information is time- 

2 dependent. 

1 39. The device of claim 33 further comprising a smartcard storing said decryption 

2 inform* tion. 
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1 40. The device of claim 33 further comprising a volatile memory element storing said 

2 decryption information. 

1 41 . The device of claim 33 wherein said first receiver is the same as said second 

2 receiver. 

1 42. A system for prowding secure access to information comprising: 

2 (a) a network blient comprising a volatile memory element; and 

3 (b) a network server storing an encrypted personal security device in a server 

4 memory element, said personal security device comprising encrypted 

5 information. 

1 43. The system of claim 42 further comprising a smartcard having a volatile memory 

2 element storing sain personal security device. 

1 44. The system of claim 42 wherein said user database includes said personal security 

2 device. 

1 45. The system of claim 42 further comprising decrypted information for forming a 

2 secure network connection between said client and said server wherein said 

3 decrypted information is derived from applying said decryption information to 

4 said personal security device. 

1 46. The system of claim 42 wherein said decryption information is stored in said 

2 volatile storage. 

1 47. The system of claim 42 wherein said decrypted information is stored in said 

2 volatile storage. 

1 48. The system of claim 42 wherein said network is a virtual private network. 
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1 49. 

2 



1 50. 

2 
3 

4 

5 
6 
7 
8 



51. 



The system of 
information nec 
client and said s 



claim 42 wherein said encrypted information comprises 
ssary for forming a secure network connection between said 



srver. 



The system of c 
(c) an authentication 



aim 42 further comprising: 

token, wherein said token is capable of providing 
authenti4ation information; and 



(d) an authentication 
user database 



upon rec 

The system of c 
dependent. 



server, wherein said authentication server comprises a 
wherein said user database comprises decryption 
information for said personal security device, and wherein said 
authentication server is capable of providing said decryption information 
eipt of said authentication information. 



aim 50 wherein said authentication information is time- 
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